It's clear that the "spy" label used in these articles is being used very loosely (likely an attempt to generate funding for US cyber warfare/defense efforts). In reality, both China and Russia outsource their cyber warfare to criminal and vigilante groups (part of the long tail of modern warfare). The benefits of using an open source approach to cyber warfare include: efficiency (little to no cost), best of breed skills (developed in the criminal economy), and complete deniability (essential for offensive cyber warfare activity). The cost of this approach is that these groups continue to operate 24/7 -- probing, extorting, coercing, and breaking networks. Further, the large number of people involved means that motives/efforts are all over the map and aren't coordinated. See this article in the Economist for more.
Platform Defense: The US intelligence/defense establishment needs to rethink how it approaches this threat. First, it should focus only on those networks that represent critical infrastructure and defense/political functions (only the most important). Trying to defend all networks, including those run by corporations, from a threat this broad is futile and overly expensive. If the set of networks involved is small enough ("a platform" that defines the core network functions of the US), it may be possible to draw a line in the sand around them. Crossing that boundary would result in a massive effort to find the culprits.
Asymmetry and Rapid Reserves/Militias: Offensive cyber warfare is an asymmetric threat. It's impossible to build an offensive institutional capability in this realm. If it is needed during a time of extreme danger, it can be quickly outsourced to individuals and corporations with the requisite capability (we likely have more and better capability to conduct cyber warfare in the US than anywhere in the world if needed) with nearly zero ramp-up time. Since the opposition is using individuals and small groups to conduct offensive operations, every effort should be made to identify the hubs (people) of these networks to defuse, interdict, and counter-attack when necessary (piercing the cyber veil and getting to the actual person involved).
Decentralization: The only long-term defense against cyber warfare and offensive cyber criminality (and the threat and disruption will only grow with time as more systems are integrated) is to move towards resilient communities. At that point, cyber attacks will be little more than an annoyance.
FINAL NOTE: Since Russia and China don't control their open source cyber capability, we may see an offensive event that causes mass disruption in the US/Europe. If it is large and deep enough, it could result in a cascade of events that lead to war (and potentially even MAD) if we continue to think in terms of legacy notions of terrorism and cyber warfare (i.e., that it can only be state-sponsored or state-controlled).